Interesting People mailing list archives
Deworming the Internet -- addressing market failure in computer security
From: David Farber <dave () farber net>
Date: Sun, 21 Nov 2004 11:25:34 -0500
Begin forwarded message: From: Douglas Barnes <salguod () mail utexas edu> Date: November 20, 2004 10:48:55 AM EST To: dave () farber netSubject: Deworming the Internet -- addressing market failure in computer security
Dave--I thought IP folks might be interested in a paper I've written which is just now available on SSRN. In part it's a response to the periodic calls for
"liability" (notably from Bruce Schneier) as a mechanism for solvingcomputer problems. The upshot is that I think Bruce is right that there is a need for a regulatory response, but that extending, say, tort liability to
software would be a disaster. In addition to my more complicated law & economics argument for why this is, I point out in passing that ordinarytort liability could crush open source software, which has the potential to
act as a positive force in addressing the underlying market failure. Links and abstract below. Comments welcome. Cheers, Douglas Barnes ===========http://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID622364_code402123.pdf? abstra
ctid=622364&mirid=1 or http://papers.ssrn.com/abstract=622364 Abstract:Both law enforcement and markets for software standards have failed to solve
the problem of software that is vulnerable to infection bynetwork-transmitted worms. Consequently, regulatory attention should turn to the publishers of worm-vulnerable software. Although ordinary tort liability
for software publishers may seem attractive, it would interact in unpredictable ways with the winner-take-all nature of competition among publishers of mass-market, internet-connected software. More tailoredsolutions are called for, including mandatory "bug bounties" for those who find potential vulnerabilities in software, minimum quality standards for software, and, once the underlying market failure is remedied, liability for
end users who persist in using worm-vulnerable software. ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Deworming the Internet -- addressing market failure in computer security David Farber (Nov 22)